Closed xmh0511 closed 8 months ago
SSL is a protocol run atop TCP. Thus it's your job to check the bytes of the stream to identify its protocol
SSL is a protocol run atop TCP. Thus it's your job to check the bytes of the stream to identify its protocol
Assume the destination address is 2.2.2.2:443
, and I have identified it as SSL/TLS
, then I established a connection that
IpStackStream::Tcp(mut tcp) => {
let socket = Socket::new(Domain::IPV4, Type::STREAM, None)?;
socket.connect(&SockAddr::from(SocketAddr::from(([2, 2, 2, 2],443,)))).unwrap();
tokio::spawn(async move {
tokio::io::copy_bidirectional(&mut tcp, &mut rhs).await.unwrap();
});
}
However, this still does not work for me. When requesting, the client gives the error
OpenSSL: error:0A000438:SSL routines::tlsv1 alert internal error
How do I correctly establish SSL/TLS
connection?
Try debugging it with wireshark.
You can refer to my code https://github.com/planetoryd/tun2socks5/tree/afe8157d4599d02a15cf47909053ed19a243bf71 for usage of ipstack. It's a functioning tool.
As mentioned by @planetoryd, this is not within the scope of ipstack. However, you can take a look at the following link to detect TLS Client Hello, which is useful for TLS connection detection.
https://github.com/narrowlink/narrowlink/blob/main/gateway/src/service/wss.rs#L76-L105
When a TCP stream is coming from
tun
, how to determine whetherssl/tls
is used? For example,http://10.0.0.1:8080
andhttps://10.0.0.2:9090
, such two request will both catched byIpStackStream::Tcp(mut tcp)
, but how correctly distinct whether it isssl/tls
?